Guido van Rossum wrote:
While working on the warning patch for modsupport.c, I've added two new APIs which hopefully make it easier for Python to switch to buffer overflow safe [v]snprintf() APIs for error reporting et al.
The two new APIs are PyOS_snprintf() and PyOS_vsnprintf() and work just like the standard ones in many C libs. On platforms which have snprintf(), the native APIs are used, on all other an emulation with snprintf() tries to do its best.
Please try them out on your platform. If all goes well, I think we should replace all sprintf() (without the n in the name) with these new safer APIs.
It would be easier to test out the fallback implementation if there was a config option to enable it even on platforms that do have the native version.
Or maybe (following the getopt example) we might consider always using our own code -- so it gets the maximum testing.
How about always enabling our version in the alpha cycle and then reverting back to the native one in the betas ? -- Marc-Andre Lemburg CEO eGenix.com Software GmbH ______________________________________________________________________ Company & Consulting: http://www.egenix.com/ Python Software: http://www.lemburg.com/python/